mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-03-14 03:22:06 +01:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: jws: fix memory leak in jws_b64_signature

Browse Source 
EVP_MD_CTX is allocated using EVP_MD_CTX_new() but was never freed.
ctx should be initialized to NULL otherwise EVP_MD_CTX_free(ctx) could
segfault.

Must be backported as far as 3.2.
This commit is contained in:
Mia Kanashi 2026-03-05 18:08:32 +02:00 committed by William Lallemand
parent 760fef1fc0
commit b6e28bb4d7
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/jws.c
View File

@ -356,7 +356,7 @@ out:
*/
size_t jws_b64_signature(EVP_PKEY *pkey, enum jwt_alg alg, char *b64protected, char *b64payload, char *dst, size_t dsize)
{
EVP_MD_CTX *ctx;
EVP_MD_CTX *ctx = NULL;
const EVP_MD *evp_md = NULL;
int ret = 0;
struct buffer *sign = NULL;
@ -450,6 +450,7 @@ size_t jws_b64_signature(EVP_PKEY *pkey, enum jwt_alg alg, char *b64protected, c
ret = a2base64url(sign->area, sign->data, dst, dsize);
out:
EVP_MD_CTX_free(ctx);
free_trash_chunk(sign);
if (ret > 0)